Welcome!

Blog Feed Post

The Secret Lives of REST APIs

Netflix APIThe recent enterprise acceptance of lightweight REST-based protocols for exposing data and application assets as APIs has been due, in large part, to the simplicity of the resulting interfaces. This simplicity means there is little barrier to entry for developers wishing to consume these APIs in applications built for mobile, Web, desktop, Cloud and gaming platforms. However, as this article from Netflix’s Daniel Jacobson reveals, simplicity can’t be the only goal when designing an API. Flexibility, scalability, optimization, orchestration and adaptation are just a few of the features required in a successful API infrastructure.

At Layer 7, our enterprise customers build incredibly elegant API platforms using our API management technology. Our solutions recognize that one size does not fit all and we provide the tools to adapt to changing requirements without re-architecting new APIs from scratch. Though we certainly support the simple “large number of known and unknown developers” use case Jacobson describes – with robust, scalable technology deployed on a wide variety of hardware, virtual, software and Cloud platforms – we can also address the specific concerns raised by the variety of devices and environments in Netflix’s ecosystem.

Message size, structure and delivery constraints due to device variation represent a large part of the problem. Layer 7 Gateways support the relevant formats and transports and can perform message transformation and protocol mediation on the fly. Policy-based configuration enables custom “virtual” APIs tailored to each device, community of developers or calling application. These format and behavioral changes can be explicit or can be triggered by user identity, app permissions, message content or transaction metadata. Even more complex mediations, such as REST exposure of internal SOAP-based assets, are simple to configure and help to reduce re-implementation costs.

Interaction models can also be optimized and tailored to the calling platform. Composition of comprehensive document-based APIs from multiple backend calls can reduce chatty client interactions. Conversely, small messages from memory-constrained devices can be aggregated into larger, less frequent backend calls. Mobile traffic can be optimized using persistent HTTP(S) connections and over-the-wire compression. And content can be cached at any level of granularity, using an in-memory cache like Terracotta, to reduce the number of calls to the application backend.

As director of one of the world’s most broadly adopted public APIs, Jacobson’s most profound observation is that “public APIs are waning in popularity and business opportunity and… the internal use case is the wave of the future.” API infrastructure needs to support everyone – open API developers, internal coders, contracted development teams and partner groups – especially as mobile workforce enablement and BYOD gain popularity. Layer 7 solutions allow enterprises to make that distinction clear through public vs. private APIs, configurable classes of service and role-based access control.

Jacobson mentions several piecemeal solutions that he and others have attempted to compile into a working platform but notes that those approaches still fall short. Providing an enterprise-grade REST API is no simple feat and it’s great that the truth of the matter is starting to come out. The benefits of a successful API strategy are numerous and well-documented. Layer 7 is the only vendor providing an API management solution that incorporates all the basic necessary functionality and much, much more.

Read the original blog entry...

More Stories By Jaime Ryan

Jaime Ryan is the Partner Solutions Architect for Layer 7 Technologies, and has been building secure integration architectures as a developer, architect, consultant and author for the last fifteen years. He lives in San Diego with his wife and two daughters. Follow him on Twitter at @jryanl7.

Latest Stories
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
"We're here to tell the world about our cloud-scale infrastructure that we have at Juniper combined with the world-class security that we put into the cloud," explained Lisa Guess, VP of Systems Engineering at Juniper Networks, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
SYS-CON Events announced today that Grape Up will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct. 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Grape Up is a software company specializing in cloud native application development and professional services related to Cloud Foundry PaaS. With five expert teams that operate in various sectors of the market across the U.S. and Europe, Grape Up works with a variety of customers from emergi...
"We're a cybersecurity firm that specializes in engineering security solutions both at the software and hardware level. Security cannot be an after-the-fact afterthought, which is what it's become," stated Richard Blech, Chief Executive Officer at Secure Channels, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Detecting internal user threats in the Big Data eco-system is challenging and cumbersome. Many organizations monitor internal usage of the Big Data eco-system using a set of alerts. This is not a scalable process given the increase in the number of alerts with the accelerating growth in data volume and user base. Organizations are increasingly leveraging machine learning to monitor only those data elements that are sensitive and critical, autonomously establish monitoring policies, and to detect...
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
Consumers increasingly expect their electronic "things" to be connected to smart phones, tablets and the Internet. When that thing happens to be a medical device, the risks and benefits of connectivity must be carefully weighed. Once the decision is made that connecting the device is beneficial, medical device manufacturers must design their products to maintain patient safety and prevent compromised personal health information in the face of cybersecurity threats. In his session at @ThingsExpo...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
DevOps is under attack because developers don’t want to mess with infrastructure. They will happily own their code into production, but want to use platforms instead of raw automation. That’s changing the landscape that we understand as DevOps with both architecture concepts (CloudNative) and process redefinition (SRE). Rob Hirschfeld’s recent work in Kubernetes operations has led to the conclusion that containers and related platforms have changed the way we should be thinking about DevOps and...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution and join Akvelon expert and IoT industry leader, Sergey Grebnov, in his session at @ThingsExpo, for an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
Because IoT devices are deployed in mission-critical environments more than ever before, it’s increasingly imperative they be truly smart. IoT sensors simply stockpiling data isn’t useful. IoT must be artificially and naturally intelligent in order to provide more value In his session at @ThingsExpo, John Crupi, Vice President and Engineering System Architect at Greenwave Systems, will discuss how IoT artificial intelligence (AI) can be carried out via edge analytics and machine learning techn...
FinTechs use the cloud to operate at the speed and scale of digital financial activity, but are often hindered by the complexity of managing security and compliance in the cloud. In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud Raxak, showed how proactive and automated cloud security enables FinTechs to leverage the cloud to achieve their business goals. Through business-driven cloud security, FinTechs can speed time-to-market, diminish risk and costs, maintain continu...
When shopping for a new data processing platform for IoT solutions, many development teams want to be able to test-drive options before making a choice. Yet when evaluating an IoT solution, it’s simply not feasible to do so at scale with physical devices. Building a sensor simulator is the next best choice; however, generating a realistic simulation at very high TPS with ease of configurability is a formidable challenge. When dealing with multiple application or transport protocols, you would be...
Existing Big Data solutions are mainly focused on the discovery and analysis of data. The solutions are scalable and highly available but tedious when swapping in and swapping out occurs in disarray and thrashing takes place. The resolution for thrashing through machine learning algorithms and support nomenclature is through simple techniques. Organizations that have been collecting large customer data are increasingly seeing the need to use the data for swapping in and out and thrashing occurs ...